Securemote access ip conflict issue

[plingema]

Hello,,

I have many small offices with edge XU 5.90-6.0 that would like to utilize vpn server option for vpn client access for small number of users. Question, is there anyway to nat pool or hide nat inbound vpn client connections to internal LAN ip to prevent home network ip range conflicting with internal?

Or do i have ensure home networks don't overlap with internal lan?

Thanks,,,any help appreciated,,I suspect no solution other then having home network setup on isp reg ip?

thanks,,

[andrew]

Even if you could NAT them when passing through the FW, if the networks overlap, how will SecuRemote know when data is intended for the user's LAN or for the office networks?

[plingema]

Let me expand:

the office encryption domain is 10.20.110.0/22 the remote users only need access to that network. The internal gateway or choke router for that network also receives network routing for entire WAN which may include subnets that overlap home user networks. My thought was that if i could hide nat(home user) then I could avoid the issue of return packet routing issues?

The remote user would have no requirement for access to the identical subnet if it existed within the WAN. ie: 192.168.0.xxx (NOW why that subnet is in the WAN ??? , who knows, I support, I did not design)

I don't think I can do anything except either have home user change subnet or block route from choke router? just getting second opinion,,,,thanks for quick response though..